Debian >> Debian Linux Security Vulnerabilities
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
CVSS Score: 4.6, EPSS Score: 0.0, Published: 2019-12-03
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
CVSS Score: 4.6, EPSS Score: 0.001, Published: 2019-12-03
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
CVSS Score: 6.8, EPSS Score: 0.001, Published: 2019-12-03
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
CVSS Score: 4.7, EPSS Score: 0.001, Published: 2019-12-03
webauth before 4.6.1 has authentication credential disclosure
CVSS Score: 7.5, EPSS Score: 0.004, Published: 2019-12-03
FreeBSD: Input Validation Flaw allows local users to gain elevated privileges
CVSS Score: 7.8, EPSS Score: 0.001, Published: 2019-12-02
openslp: SLPIntersectStringList() function has a DoS vulnerability
CVSS Score: 7.5, EPSS Score: 0.397, Published: 2019-12-02
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
CVSS Score: 5.5, EPSS Score: 0.001, Published: 2019-12-01
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.
CVSS Score: 9.8, EPSS Score: 0.015, Published: 2019-12-01
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
CVSS Score: 4.9, EPSS Score: 0.01, Published: 2019-11-30

